the validity of the signature can be checked by anyone who has knowledge of the sender's public key. In the signcryption scheme of [4], the unsigncryp
|
|
- Marshall Rogers
- 5 years ago
- Views:
Transcription
1 A Signcryption Scheme with Signature Directly Veriable by Public Key Feng Bao and Robert H. Deng Institute of Systems Science National University of Singapore Kent Ridge, Singapore fbaofeng, Abstract. Signcryption, rst proposed by Zheng [4, 5], is a cryptographic primitive which combines both the functions of digital signature and public key encryption in a logical single step, and with a computational cost sigincantly lower than that needed by the traditional signature-then-encryption approach. In Zheng's scheme, the signature verication can be done either by the recipient directly (using his private key) or by engaging a zero-knowledge interative protocol with a third party, without disclosing recipient's private key. In this note, we modify Zheng's scheme so that the recipient's private key is no longer needed in signature verication. The computational cost of the modied scheme is higher than that of Zheng's scheme but lower than that of the signature-then-encryption approach. 1 Introduction To guarantee unforgibility, integrity and condentiality of communications, the traditional method is to digitally sign a message then followed by public key encryption. Signcryption, rst proposed by Zheng [4], is a new cryptographic primitive which simultaneously fullls both the functions of signature and encryption in a single logical step, and with a computational cost signicantly lower than that required by the traditional signature-then-encryption approach. Two types of signcryption schemes were studied in [4], one based on the ElGamal type of public key cryptosystems and the other on RSA. In this note, we only consider signcryption schemes based on the ElGamal type of public key cryptosystems. In the signature-then-encryption approach using DSA for signature and the ElGamal public key cryptosysem for encryption, a total of 6 exponential computations are required: one for signature generation, two for encryption, one for decryption, and two for signature verication. Zheng's signcryption scheme needs only a total of 3 exponential computations: one for signcrypting and two for unsigncrypting. In the traditional signature-then-encryption approach, the message and the sender's signature are obtained after the decryption by using the recipient's private key. The signature is then veried using only the sender's public key. Hence,
2 the validity of the signature can be checked by anyone who has knowledge of the sender's public key. In the signcryption scheme of [4], the unsigncryption (decryption and signature verication) needs the recipient's private key therefore, only the recipient can verify the signature. As pointed out in [5], the constraint of using the recipient's private key in unsigncryption is acceptable for certain applications where the recipient need not pass the signature to others for veri- cation however, Zheng's singcryption schemes can not be used in applications where a signature need to be validated by a third party only using the public key as in usual signature scheme. To overcome this problem, some methods are given in [5] by introducing an independent judge. That is done by proving the equality of discrete logarithms. However, [2] points out that the condentiality is lost in this case. In this note, we modify Zheng's signcryption scheme such that verication of a signature no longer needs the recipient's private key. Hence, the modied scheme functions in exactly the same manner as that of the signature-thenencryption approach. However, the modied scheme is not as ecient as Zheng's original scheme. Nevertheless, the modied scheme is still more computational ecient than the signature-then-encryption approach. 2 Zheng's Scheme Task: Alice has a message m to send to Bob. Alice signcrypts m so that the eect is similar to signature-then-encryption. Public Parameters p: a large prime. q: a large prime factor of p ; 1. g: an element ofz p of order q. hash: a one-way hash function. KH:a keyed one-way hash function. (E D): the encryption and decryption algorithms of a symmetric key cipher. Alice's keys x a : Alice's private key, x a 2 Z q. y a : Alice's public key, y a = g xa mod p. Bob's keys x b : Bob's private key, x b 2 Z q. y b : Bob's public key, y b = g x b mod p. (k 1 k 2 )=hash(y x b mod p) c = E k 1(m) r = KH k 2(m)
3 s = x=(r + x a )modq (k 1 k 2 )=hash((y a g r ) sx b mod p) m = D k 1(c) to recover the plaintext message, and then checks whether KH k 2(m) =r for signature verication. In [4], two singcryption schemes were given, called SDSS1 and SDSS2. Here we only describe the case for SDSS1. The case for SDSS2 is similar. In Zheng's unsigncrypting process, it is straightforward to see that x b is involved for signature verication. 3 The Modied Singcryption Scheme Using the same set of notations as in the last section for public parameters, Alice's key and Bob's keys, the modied scheme is described as follows: k 1 = hash(y x b mod p), k 2 = hash(g x mod p) c = E k 1(m) r = KH k 2(m) s = x=(r + x a )modq. t 1 =(y a g r ) s mod p t 2 = t x b mod p 1 k 1 = hash(t 2 ) k 2 = hash(t 1 ) m = D k 1(c) to obtain the plaintext message, then checks whether KH k 2(m) =r for signature verication. Later when necessary, Bob mayforward (m r s) to others, who can be convinced that it came originally from Alice by verifying k = hash((y a g r ) s mod p) andr = KH k (m) Actually, we can use hash to replace the keyed hash function KH.Inthatcase, the modied scheme can be written as follows:
4 Modied Scheme t 1 = g x mod p t 2 = y x mod b p c = E hash(t2 )(m) r = hash(m t 1 ) s = x=(r + x a )modq t 1 =(y a g r ) s mod p t 2 = t x b mod p 1 m = D hash(t2)(c), then checks whether r = hash(m t 1 ). Bob may pass (m r s) to others, who can be convinced that it indeed came from Alice by verifying r = hash(m (y a g r ) s ) 4 Discussion Discussion on Computation Cost In the comparison of computation costs, we assume that the exponential computation is the most time consuming while the computation time for hash and (E D) can be ignored. Under this assumption, the modied scheme requires a total of 5 exponential computations instead of 6 as in the traditional signaturethen-encryption method. At the same time, it achieves exactly the same eect as in signature-then-encryption. That is, after receiving (c r s), Bob rst obtains the plaintext message m using his private key. Now Bob has Alice's signature (m r s). This signature can be veried by anyone using only Alice's public key. Discussion on Security The security of the modied scheme is the same as that of the original scheme. 1. Unforgeability { it is computationally infeasible for an adaptive attacker to masquerade in creating a signcrypted text. 2. Non-repudiation { it is computationally feasible for a third party to settle a dispute between Alice and Bob in an event where Alice denies that she is the originator of a signcrypted text. Both the unforgeability and non-repudiation are based on the assumption that it is computationally infeasible to forge (m r s)(without knowing x a )suchthat
5 r = hash(m (y a g r ) s ), which is the security basis for SDSS1. It should be noted that the same assumption is made in the Schnorr signature scheme [3]. 3. Condentiality It is computationally infeasible for an adaptive attacker to gain any information on the contents of a signcrypted text. Here, as in any public key cryptosystems, we assume that jmj is large enough to resist brute force attack fromr = hash(m (y a g r ) s ). References 1. T. ElGamal, \A public key cryptosystem and a signature scheme based on discrete logarithms", IEEE Transactions on Information Theory, IT-31(4): , H. Petersen and M. Michels, \Cryptanalysis and improvement of signcryption schemes", to appear in IEE Computers and Digital Techniques, C. P. Schnorr, \Ecient identication and signature for smart cards", Advances in Cryptology - CRYPTO'89, LNCS 435, Springer-Verlag, pp Y. Zheng, \Digital signcryption or how to achieve cost (signature and encryption) << cost(signature) + cost(encryption)", In Advances in Cryptology - CRYPTO'97, LNCS 1294, Springer-Verlag, pp , Y. Zheng, \Signcryption and its application in ecient public key solutions", Pre- Proceedings of Information Security Workshop(ISW'97), pp , to be published in LNCS by Springer-Verlag. This article was processed using the LATEX macro package with LLNCS style
Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell
Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell 1 Cryptography Merriam-Webster Online Dictionary: 1. secret writing 2. the enciphering and deciphering
More informationThe most important development from the work on public-key cryptography is the digital signature. Message authentication protects two parties who
1 The most important development from the work on public-key cryptography is the digital signature. Message authentication protects two parties who exchange messages from any third party. However, it does
More informationPublic Key Algorithms
Public Key Algorithms 1 Public Key Algorithms It is necessary to know some number theory to really understand how and why public key algorithms work Most of the public key algorithms are based on modular
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.5 Public Key Algorithms CSC 474/574 Dr. Peng Ning 1 Public Key Algorithms Public key algorithms covered in this class RSA: encryption and digital signature
More informationKey Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings
Key Exchange References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings Outlines Primitives Root Discrete Logarithm Diffie-Hellman ElGamal Shamir s Three Pass
More informationSIGNCRYPTION WITH NON-INTERACTIVE NON-REPUDIATION
SIGNCRYPTION WITH NONINTERACTIVE NONREPUDIATION JOHN MALONELEE ABSTRACT Signcryption [35] is a public key primitive that achieves the functionality of both an encryption scheme and a signature scheme simultaneously
More informationDigital Signatures. Luke Anderson. 7 th April University Of Sydney.
Digital Signatures Luke Anderson luke@lukeanderson.com.au 7 th April 2017 University Of Sydney Overview 1. Digital Signatures 1.1 Background 1.2 Basic Operation 1.3 Attack Models Replay Naïve RSA 2. PKCS#1
More informationCSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography
CSCI 454/554 Computer and Network Security Topic 5.2 Public Key Cryptography Outline 1. Introduction 2. RSA 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard 2 Introduction Public Key Cryptography
More informationOutline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA
CSCI 454/554 Computer and Network Security Topic 5.2 Public Key Cryptography 1. Introduction 2. RSA Outline 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard 2 Introduction Public Key Cryptography
More informationIntroduction to Cryptography and Security Mechanisms: Unit 5. Public-Key Encryption
Introduction to Cryptography and Security Mechanisms: Unit 5 Public-Key Encryption Learning Outcomes Explain the basic principles behind public-key cryptography Recognise the fundamental problems that
More informationOutline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)
Outline AIT 682: Network and Systems Security 1. Introduction 2. RSA 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard Topic 5.2 Public Key Cryptography Instructor: Dr. Kun Sun 2 Public Key
More informationSpring 2010: CS419 Computer Security
Spring 2010: CS419 Computer Security MAC, HMAC, Hash functions and DSA Vinod Ganapathy Lecture 6 Message Authentication message authentication is concerned with: protecting the integrity of a message validating
More informationDigital Signature. Raj Jain
Digital Signature Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More information3. Use the RF material for authentication. 4. Carry an acknowledgment material derived from the reconstructed RF material by Acknowledgment Message ((
Modication of Internet Key Exchange Resistant against Denial-of-Service Kanta Matsuura and Hideki Imai Institute of Industrial Science, University of Tokyo, Roppongi 7-22-1, Minato-ku, Tokyo 106-8558,
More informationCryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL
Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL Transpositional Ciphers-A Review Decryption 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 Encryption 1 2 3 4 5 6 7 8 A G O O D F R I E N D I S A T R E
More informationStep Initiator (I) Responder (R) ((1)) Precomputation Precomputation Computation ((2)) by using PK R and/or SK I ((3)) Request Message =) Computation
Resolution of ISAKMP/Oakley Key-Agreement Protocol Resistant against Denial-of-Service Attack Kanta Matsuura and Hideki Imai Institute of Industrial Science, University of Tokyo, Tokyo 106-8558, JAPAN
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 13 Digital Signatures To guard against the baneful influence exerted by strangers is therefore an elementary dictate of savage
More informationChapter 9 Public Key Cryptography. WANG YANG
Chapter 9 Public Key Cryptography WANG YANG wyang@njnet.edu.cn Content Introduction RSA Diffie-Hellman Key Exchange Introduction Public Key Cryptography plaintext encryption ciphertext decryption plaintext
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 11 October 4, 2017 CPSC 467, Lecture 11 1/39 ElGamal Cryptosystem Message Integrity and Authenticity Message authentication codes
More informationOther Topics in Cryptography. Truong Tuan Anh
Other Topics in Cryptography Truong Tuan Anh 2 Outline Public-key cryptosystem Cryptographic hash functions Signature schemes Public-Key Cryptography Truong Tuan Anh CSE-HCMUT 4 Outline Public-key cryptosystem
More informationThis chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest
1 2 3 This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest PKCS, Diffie- Hellman key exchange. This first published
More informationUNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering. Introduction to Cryptography ECE 597XX/697XX
UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering Introduction to Cryptography ECE 597XX/697XX Part 10 Digital Signatures Israel Koren ECE597/697 Koren Part.10.1 Content of this part
More informationPublic Key Cryptography
graphy CSS322: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 29 December 2011 CSS322Y11S2L07, Steve/Courses/2011/S2/CSS322/Lectures/rsa.tex,
More informationISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)
Outline ISA 662 Internet Security Protocols Some Math Essentials & History Asymmetric signatures and key exchange Asymmetric encryption Symmetric MACs Lecture 2 ISA 662 1 2 Beauty of Mathematics Demonstration
More informationLECTURE NOTES ON PUBLIC- KEY CRYPTOGRAPHY. (One-Way Functions and ElGamal System)
Department of Software The University of Babylon LECTURE NOTES ON PUBLIC- KEY CRYPTOGRAPHY (One-Way Functions and ElGamal System) By College of Information Technology, University of Babylon, Iraq Samaher@itnet.uobabylon.edu.iq
More informationDistributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 26. Cryptographic Systems: An Introduction Paul Krzyzanowski Rutgers University Fall 2015 1 Cryptography Security Cryptography may be a component of a secure system Adding cryptography
More informationCryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III
Cryptography III Public-Key Cryptography Digital Signatures 2/1/18 Cryptography III 1 Public Key Cryptography 2/1/18 Cryptography III 2 Key pair Public key: shared with everyone Secret key: kept secret,
More informationEncryption. INST 346, Section 0201 April 3, 2018
Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:
More information1. Digital Signatures 2. ElGamal Digital Signature Scheme 3. Schnorr Digital Signature Scheme 4. Digital Signature Standard (DSS)
Digital Signature Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: 13-1 1. Digital Signatures 2.
More informationIntroduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms
Introduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms Egemen K. Çetinkaya Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of
More informationImproved Truncated Differential Attacks on SAFER
Improved Truncated Differential Attacks on SAFER Hongjun Wu * Feng Bao ** Robert H. Deng ** Qin-Zhong Ye * * Department of Electrical Engineering National University of Singapore Singapore 960 ** Information
More informationOn the Diculty of Software Key Escrow. Abstract. At Eurocrypt'95, Desmedt suggested a scheme which allows individuals to encrypt
On the Diculty of Software Key Escrow Lars R. Knudsen Katholieke Universiteit Leuven Dept. Elektrotechniek-ESAT Kardinaal Mercierlaan 94 B-3001 Heverlee Torben P. Pedersen y Cryptomathic Arhus Science
More informationKurose & Ross, Chapters (5 th ed.)
Kurose & Ross, Chapters 8.2-8.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) Addison-Wesley, April 2009. Copyright 1996-2010, J.F Kurose and
More informationTopics. Number Theory Review. Public Key Cryptography
Public Key Cryptography Topics 1. Number Theory Review 2. Public Key Cryptography 3. One-Way Trapdoor Functions 4. Diffie-Helman Key Exchange 5. RSA Cipher 6. Modern Steganography Number Theory Review
More informationPublic-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7
Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationUNIT III 3.1DISCRETE LOGARITHMS
UNIT III Discrete Logarithms Computing discrete logs Diffie-Hellman key exchange ElGamal Public key cryptosystems Hash functions Secure Hash - MD5 Digital signatures RSA ElGamal Digital signature scheme.
More informationPublic-key Cryptography: Theory and Practice
Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 1: Overview What is Cryptography? Cryptography is the study of
More informationLecture 2 Applied Cryptography (Part 2)
Lecture 2 Applied Cryptography (Part 2) Patrick P. C. Lee Tsinghua Summer Course 2010 2-1 Roadmap Number theory Public key cryptography RSA Diffie-Hellman DSA Certificates Tsinghua Summer Course 2010 2-2
More informationCryptographic Systems
CPSC 426/526 Cryptographic Systems Ennan Zhai Computer Science Department Yale University Recall: Lec-10 In lec-10, we learned: - Consistency models - Two-phase commit - Consensus - Paxos Lecture Roadmap
More informationAn E cient Multi-Message Multi-Receiver Signcryption Scheme with Forward Secrecy on Elliptic Curves
An E cient Multi-Message Multi-Receiver Signcryption Scheme with Forward Secrecy on Elliptic Curves Nizamud Din, Arif Iqbal Umar, Abdul Waheed, Noor Ul Amin Department of Information Technology, Hazara
More informationMath236 Discrete Maths with Applications
Math236 Discrete Maths with Applications P. Ittmann UKZN, Pietermaritzburg Semester 1, 2012 Ittmann (UKZN PMB) Math236 2012 1 / 33 Key size in RSA The security of the RSA system is dependent on the diculty
More informationEncryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls Overview Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message
More informationModule: Cryptographic Protocols. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security
CMPSC443 - Introduction to Computer and Network Security Module: Cryptographic Protocols Professor Patrick McDaniel Spring 2009 1 Key Distribution/Agreement Key Distribution is the process where we assign
More informationCryptography and Network Security Chapter 13. Digital Signatures & Authentication Protocols
Cryptography and Network Security Chapter 13 Digital Signatures & Authentication Protocols Digital Signatures have looked at message authentication but does not address issues of lack of trust digital
More informationAn Improved Remote User Authentication Scheme with Smart Cards using Bilinear Pairings
An Improved Remote User Authentication Scheme with Smart Cards using Bilinear Pairings Debasis Giri and P. D. Srivastava Department of Mathematics Indian Institute of Technology, Kharagpur 721 302, India
More informationPublic-key encipherment concept
Date: onday, October 21, 2002 Prof.: Dr Jean-Yves Chouinard Design of Secure Computer Systems CSI4138/CEG4394 Notes on Public Key Cryptography Public-key encipherment concept Each user in a secure communication
More informationCSC/ECE 774 Advanced Network Security
Computer Science CSC/ECE 774 Advanced Network Security Topic 2. Network Security Primitives CSC/ECE 774 Dr. Peng Ning 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange;
More informationOverview. Public Key Algorithms I
Public Key Algorithms I Dr. Arjan Durresi Louisiana State University Baton Rouge, LA 70810 Durresi@csc.lsu.Edu These slides are available at: http://www.csc.lsu.edu/~durresi/csc4601-04/ Louisiana State
More information9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng Basic concepts in cryptography systems Secret cryptography Public cryptography 1 2 Encryption/Decryption Cryptanalysis
More informationPublic Key Algorithms
CSE597B: Special Topics in Network and Systems Security Public Key Cryptography Instructor: Sencun Zhu The Pennsylvania State University Public Key Algorithms Public key algorithms RSA: encryption and
More informationCryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Outline Basic concepts in cryptography systems Secret key cryptography Public key cryptography Hash functions 2 Encryption/Decryption
More informationn-bit Output Feedback
n-bit Output Feedback Cryptography IV Encrypt Encrypt Encrypt P 1 P 2 P 3 C 1 C 2 C 3 Steven M. Bellovin September 16, 2006 1 Properties of Output Feedback Mode No error propagation Active attacker can
More informationUnit III. Chapter 1: Message Authentication and Hash Functions. Overview:
Unit III Chapter 1: Message Authentication and Hash Functions Overview: Message authentication is a mechanism or service used to verify the integrity of a message. Message authentication assures that data
More informationCS Computer Networks 1: Authentication
CS 3251- Computer Networks 1: Authentication Professor Patrick Traynor 4/14/11 Lecture 25 Announcements Homework 3 is due next class. Submit via T-Square or in person. Project 3 has been graded. Scores
More informationCrypto Basics. Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion
Crypto Basics Recent block cipher: AES Public Key Cryptography Public key exchange: Diffie-Hellmann Homework suggestion 1 What is a cryptosystem? K = {0,1} l P = {0,1} m C = {0,1} n, C C E: P K C D: C
More informationPublic-Key Cryptanalysis
http://www.di.ens.fr/ pnguyen INRIA and École normale supérieure, Paris, France MPRI, 2010 Outline 1 Introduction Asymmetric Cryptology Course Overview 2 Textbook RSA 3 Euclid s Algorithm Applications
More informationCSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L
CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any
More informationSecure Multiparty Computation
CS573 Data Privacy and Security Secure Multiparty Computation Problem and security definitions Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
More informationLecture 1 Applied Cryptography (Part 1)
Lecture 1 Applied Cryptography (Part 1) Patrick P. C. Lee Tsinghua Summer Course 2010 1-1 Roadmap Introduction to Security Introduction to Cryptography Symmetric key cryptography Hash and message authentication
More informationCryptography V: Digital Signatures
Cryptography V: Digital Signatures Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 19th February 2009 Outline Basics Constructing signature schemes Security of
More informationSecurity. Communication security. System Security
Security Communication security security of data channel typical assumption: adversary has access to the physical link over which data is transmitted cryptographic separation is necessary System Security
More informationCryptography V: Digital Signatures
Cryptography V: Digital Signatures Computer Security Lecture 10 David Aspinall School of Informatics University of Edinburgh 10th February 2011 Outline Basics Constructing signature schemes Security of
More informationElements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy
Elements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Homework 2 Due: Friday, 10/28/2016 at 11:55pm PT Will be posted on
More informationSECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond con dentiality Authentication Message integrity WHAT IS NETWORK SECURITY? Con dentiality: only
More informationmoment (due to problems of auxiliary memory): another weak point is the associated cost. A possible alternative solution is to use an auxiliary unit (
Secure acceleration of DSS signatures using insecure server Philippe Beguin? Jean-Jacques Quisquater Philippe.Beguin@ens.fr Quisquater@dice.ucl.ac.be Laboratoire d'informatique?? Laboratoire DICE Ecole
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 9 Public Key Cryptography and RSA Misconceptions Concerning Public-Key Encryption Public-key encryption is more secure from
More informationA SIGNATURE ALGORITHM BASED ON DLP AND COMPUTING SQUARE ROOTS
A SIGNATURE ALGORITHM BASED ON DLP AND COMPUTING SQUARE ROOTS Ounasser Abid 1 and Omar Khadir 2 1, 2 Laboratory of Mathematics, Cryptography and Mechanics, FSTM University Hassan II of Casablanca, Morocco
More informationChameleon Hashing and Signatures. October Abstract. We introduce chameleon signatures that provide with an undeniable commitment of the signer
Chameleon Hashing and Signatures Hugo Krawczyk Tal Rabin y October 1997 Abstract We introduce chameleon signatures that provide with an undeniable commitment of the signer to the contents of the signed
More informationChapter 7 Public Key Cryptography and Digital Signatures
Chapter 7 Public Key Cryptography and Digital Signatures Every Egyptian received two names, which were known respectively as the true name and the good name, or the great name and the little name; and
More informationPart VI. Public-key cryptography
Part VI Public-key cryptography Drawbacks with symmetric-key cryptography Symmetric-key cryptography: Communicating parties a priori share some secret information. Secure Channel Alice Unsecured Channel
More informationContents Digital Signatures Digital Signature Properties Direct Digital Signatures
Contents Digital Signatures... 197 Digital Signature Properties... 198 Direct Digital Signatures... 198 199...قابلداوری Arbitrated Digital Signatures Arbitrated Digital Signature Technaiques... 200 Authentication
More information2.1 Basic Cryptography Concepts
ENEE739B Fall 2005 Part 2 Secure Media Communications 2.1 Basic Cryptography Concepts Min Wu Electrical and Computer Engineering University of Maryland, College Park Outline: Basic Security/Crypto Concepts
More informationNumber Theory and RSA Public-Key Encryption
Number Theory and RSA Public-Key Encryption Dr. Natarajan Meghanathan Associate Professor of Computer Science Jackson State University E-mail: natarajan.meghanathan@jsums.edu CIA Triad: Three Fundamental
More informationASYMMETRIC CRYPTOGRAPHY
ASYMMETRIC CRYPTOGRAPHY CONTENT: 1. Number Theory 2. One Way Function 3. Hash Function 4. Digital Signature 5. RSA (Rivest-Shamir Adleman) References: 1. Applied Cryptography, Bruce Schneier 2. Cryptography
More information10.1 Introduction 10.2 Asymmetric-Key Cryptography Asymmetric-Key Cryptography 10.3 RSA Cryptosystem
[Part 2] Asymmetric-Key Encipherment Asymmetric-Key Cryptography To distinguish between two cryptosystems: symmetric-key and asymmetric-key; To discuss the RSA cryptosystem; To introduce the usage of asymmetric-key
More informationIntroduction to Cryptography. --- Foundations of computer security ---
Introduction to Cryptography --- Foundations of computer security --- Related Chapters Cryptography CHAPTER 2, A Cryptography Primer CHAPTER 37, Data Encryption CHAPTER 39, Public Key Infrastructure CHAPTER
More informationUnderstanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl. Chapter 6 Introduction to Public-Key Cryptography
Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 6 Introduction to Public-Key Cryptography ver. November 18, 2010 These
More informationProxy Blind Signature Scheme
@Copyright GFCR Transaction on Cryptology Volume 2- Issue 1(2005) Pages: 5-11 Proxy Blind Signature Scheme \Revised Version" Amit K Awasthi Hindustan College of Sc. & Tech., Farah Mathura, INDIA Email:
More informationSECURITY IN NETWORKS 1
SECURITY IN NETWORKS 1 GOALS Understand principles of network security: Cryptography and its many uses beyond con dentiality Authentication Message integrity 2. 1 WHAT IS NETWORK SECURITY? Con dentiality:
More informationChapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see the animations; and can add,
More informationח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms
Public Key Cryptography Kurose & Ross, Chapters 8.28.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) AddisonWesley, April 2009. Copyright 19962010,
More informationKALASALINGAM UNIVERSITY
KALASALINGAM UNIVERSITY (Kalasalingam Academy of Research and Education) DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING CLASS NOTES CRYPTOGRAPHY AND NETWOTK SECURITY (CSE 405) Prepared by M.RAJA AP/CSE
More informationCRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext
CRYPTOLOGY CRYPTOGRAPHY KEY MANAGEMENT CRYPTANALYSIS Cryptanalytic Brute-Force Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext 58 Types of Cryptographic Private key (Symmetric) Public
More informationDigital Multi Signature Schemes Premalatha A Grandhi
Digital Multi Signature Schemes Premalatha A Grandhi (pgrandhi@cise.ufl.edu) Digital Signatures can be classified into o Single Signatures o Multiple Signatures (multi-signatures) Types of Multiple Signatures
More informationCS669 Network Security
UNIT II PUBLIC KEY ENCRYPTION Uniqueness Number Theory concepts Primality Modular Arithmetic Fermet & Euler Theorem Euclid Algorithm RSA Elliptic Curve Cryptography Diffie Hellman Key Exchange Uniqueness
More informationVerifiably Encrypted Signature Scheme with Threshold Adjudication
Verifiably Encrypted Signature Scheme with Threshold Adjudication M. Choudary Gorantla and Ashutosh Saxena Institute for Development and Research in Banking Technology Road No. 1, Castle Hills, Masab Tank,
More informationLecture 3.4: Public Key Cryptography IV
Lecture 3.4: Public Key Cryptography IV CS 436/636/736 Spring 2012 Nitesh Saxena Course Administration HW1 submitted Trouble with BB Trying to check with BB support HW1 solution will be posted very soon
More informationPUBLIC KEY CRYPTO. Anwitaman DATTA SCSE, NTU Singapore CX4024. CRYPTOGRAPHY & NETWORK SECURITY 2018, Anwitaman DATTA
PUBLIC KEY CRYPTO Anwitaman DATTA SCSE, NTU Singapore Acknowledgement: The following lecture slides are based on, and uses material from the text book Cryptography and Network Security (various eds) by
More informationAn IBE Scheme to Exchange Authenticated Secret Keys
An IBE Scheme to Exchange Authenticated Secret Keys Waldyr Dias Benits Júnior 1, Routo Terada (Advisor) 1 1 Instituto de Matemática e Estatística Universidade de São Paulo R. do Matão, 1010 Cidade Universitária
More informationPROTECTING CONVERSATIONS
PROTECTING CONVERSATIONS Basics of Encrypted Network Communications Naïve Conversations Captured messages could be read by anyone Cannot be sure who sent the message you are reading Basic Definitions Authentication
More informationA Digital Signature Scheme using Diffie-Hellman Key Exchange
A Digital Signature Scheme using Diffie-Hellman Key Exchange Muhammad Fareed Uddin and Kashif Siddiqui SZABIST Karachi, Pakistan Abstract: The new age digital communication has drastically changed the
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Public Key Cryptography Modular Arithmetic RSA
More informationAn improved proxy blind signature scheme based on ECDLP
Malaya J. Mat. 2(3)(2014) 228 235 An improved proxy blind signature scheme based on ECDLP Manoj Kumar Chande Shri Shankaracharya Institute Of Professional Management & Technology, Raipur, 492015, Chhattisgarh,
More informationCryptographic Techniques. Information Technologies for IPR Protections 2003/11/12 R107, CSIE Building
Cryptographic Techniques Information Technologies for IPR Protections 2003/11/12 R107, CSIE Building Outline Data security Cryptography basics Cryptographic systems DES RSA C. H. HUANG IN CML 2 Cryptography
More informationICT 6541 Applied Cryptography. Hossen Asiful Mustafa
ICT 6541 Applied Cryptography Hossen Asiful Mustafa Basic Communication Alice talking to Bob Alice Bob 2 Eavesdropping Eve listening the conversation Alice Bob 3 Secure Communication Eve listening the
More informationKey Exchange. Secure Software Systems
1 Key Exchange 2 Challenge Exchanging Keys &!"#h%&'() & & 1 2 6(6 1) 2 15! $ The more parties in communication, the more keys that need to be securely exchanged " # Do we have to use out-of-band methods?
More informationPublic Key Cryptography and RSA
Public Key Cryptography and RSA Major topics Principles of public key cryptosystems The RSA algorithm The Security of RSA Motivations A public key system is asymmetric, there does not have to be an exchange
More informationCryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems
More informationGrenzen der Kryptographie
Microsoft Research Grenzen der Kryptographie Dieter Gollmann Microsoft Research 1 Summary Crypto does not solve security problems Crypto transforms security problems Typically, the new problems relate
More information